The International Organization for Standardization (ISO) is an independent, non-governmental international organization with a membership of 162 national standards bodies. ISO creates documents that provide requirements, specifications, guidelines or characteristics that can be used consistently to ensure that materials, products, processes and services are fit for their purpose and is the source of 23,088 International Standards, ISO’s standards provide world-class specifications for products, services and systems, to ensure quality, safety and efficiency.
ISO 9001:2015 sets quality management standards that demonstrate an organization’s ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements and to enhance customer satisfaction through the effective application of the system.
ISO/IEC 20000-1:2011 is a service management system (SMS) standard which specifies requirements for the service provider to plan, establish, implement, operate, monitor, review, maintain and improve an SMS. The requirements include the design, transition, delivery, and improvement of services to fulfill agreed service requirements.
ISO/IEC 27001:2013 is a security management system standard which specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. An ISMS is a framework of policies and procedures that includes all legal, physical, and technical controls involved in an organization’s information risk management processes.